[OpenSIPS-Devel] [ opensips-Patches-2264067 ] Ambiguous return and possible memory leak

SourceForge.net noreply at sourceforge.net
Thu Nov 13 10:07:15 CET 2008 

Patches item #2264067, was opened at 2008-11-11 21:02
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086412&aid=2264067&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: trunk
Status: Open
Resolution: Invalid
Priority: 5
Private: No
Submitted By: Sergio Gutierrez (saguti)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: Ambiguous return and possible memory leak

Initial Comment:
There is an ambiguity in return value within exec module, and a possible memory leak for not adequate memory free.

The patch fixes both.

----------------------------------------------------------------------

>Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-11-13 11:07

Message:
Hi Sergio,

> line 136, at exec_str: If pipe cannot be opened, goes to error01, memory
is freed, but return is missed.

There is a return there - the one from error00; the code is set (default)
ret=-1 at the beginning - this is ok here.

> line 160, at exec_str: If there is error reading uri (fgets within
while),goes to error02, which only has return ret;

Yes, and ret is preset to -1; also mem is freed in error01

> line 165, at exec_str: If there is error appending branch, goes to
error02, which only has return ret;

Same as above

> line 172, at exec_str: If message has no from uri, goes to error02,
which onlye has return ret;

Same as above.

Regards,
Bogdan

----------------------------------------------------------------------

Comment By: Sergio Gutierrez (saguti)
Date: 2008-11-12 19:32

Message:
Hi Bogdan.

As I see:

line 112, at exec_str: Memory is allocated.
line 136, at exec_str: If pipe cannot be opened, goes to error01, memory
is freed, but return is missed.
line 160, at exec_str: If there is error reading uri (fgets within while),
goes to error02, which only has return ret;
line 165, at exec_str: If there is error appending branch, goes to
error02, which only has return ret;
line 172, at exec_str: If message has no from uri, goes to error02, which
onlye has return ret;

Block defined by error02 does not have memory freeing. Does the program
continue through error01 and error00?

Regards.

Sergio.


----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-11-12 19:21

Message:
Hi Sergio,

I do not see the leak - the original code looks safe to me - if there is a
case where you spoted a possible leak, please describe the case (the flow
in the function).

Thanks and regards,
Bogdan

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086412&aid=2264067&group_id=232389

More information about the Devel mailing list